GUAC-932: Restore patch support within permission service.

2025-09-11 23:47:42 +00:00 · 2014-12-18 01:03:36 -08:00
parent 3c5213e103
commit 993fbef86d
2 changed files with 208 additions and 33 deletions
--- a/guacamole/src/main/webapp/app/rest/services/permissionService.js
+++ b/guacamole/src/main/webapp/app/rest/services/permissionService.js
@@ -23,8 +23,8 @@
 /**
 * Service for operating on user permissions via the REST API.
 */
-angular.module('rest').factory('permissionService', ['$http', 'authenticationService',
-        function permissionService($http, authenticationService) {
+angular.module('rest').factory('permissionService', ['$http', 'authenticationService', 'PermissionPatch',
+        function permissionService($http, authenticationService, PermissionPatch) {
            
    var service = {};
    
@@ -32,7 +32,6 @@ angular.module('rest').factory('permissionService', ['$http', 'authenticationSer
     * Makes a request to the REST API to get the list of permissions for a
     * given user, returning a promise that provides an array of
     * @link{Permission} objects if successful.
-
     * 
     * @param {String} userID
     *     The ID of the user to retrieve the permissions for.
@@ -42,7 +41,19 @@ angular.module('rest').factory('permissionService', ['$http', 'authenticationSer
     *     success.
     */
    service.getPermissions = function getPermissions(userID) {
-        return $http.get("api/user/" + userID + "/permissions?token=" + authenticationService.getCurrentToken());
+
+        // Build HTTP parameters set
+        var httpParameters = {
+            token : authenticationService.getCurrentToken()
+        };
+
+        // Retrieve user permissions
+        return $http({
+            method  : 'GET',
+            url     : 'api/user/' + encodeURIComponent(userID) + '/permissions',
+            params  : httpParameters
+        });
+
    };
    
    /**
@@ -50,8 +61,11 @@ angular.module('rest').factory('permissionService', ['$http', 'authenticationSer
     * returning a promise that can be used for processing the results of the
     * call.
     * 
-     * @param {String} userID The ID of the user to add the permission for.
-     * @param {PermissionSet} permissions The permissions to add.
+     * @param {String} userID
+     *     The ID of the user to modify the permissions of.
+     *                          
+     * @param {PermissionSet} permissions
+     *     The set of permissions to add.
     *                          
     * @returns {Promise}
     *     A promise for the HTTP call which will succeed if and only if the
@@ -66,8 +80,11 @@ angular.module('rest').factory('permissionService', ['$http', 'authenticationSer
     * returning a promise that can be used for processing the results of the
     * call.
     * 
-     * @param {String} userID The ID of the user to remove the permission for.
-     * @param {PermissionSet} permissions The permissions to remove.
+     * @param {String} userID
+     *     The ID of the user to modify the permissions of.
+     *                          
+     * @param {PermissionSet} permissions
+     *     The set of permissions to remove.
     *                          
     * @returns {Promise}
     *     A promise for the HTTP call which will succeed if and only if the
@@ -76,15 +93,88 @@ angular.module('rest').factory('permissionService', ['$http', 'authenticationSer
    service.removePermissions = function removePermissions(userID, permissions) {
        return service.patchPermissions(userID, null, permissions);
    };
-    
+
+    /**
+     * Adds patches for modifying the permissions associated with specific
+     * objects to the given array of patches.
+     *
+     * @param {PermissionPatch[]} patch
+     *     The array of patches to add new patches to.
+     *
+     * @param {String} operation
+     *     The operation to specify within each of the patches. Valid values
+     *     for this are defined within PermissionPatch.Operation.
+     *
+     * @param {Object.<String, String[]>} permissions
+     *     A map of object identifiers to arrays of permission type strings,
+     *     where each type string is a value from
+     *     PermissionSet.ObjectPermissionType.
+     */
+    var addObjectPatchOperations = function addObjectPatchOperations(patch, operation, path, permissions) {
+
+        // Add object permission operations to patch
+        for (var identifier in permissions) {
+            patch.push({
+                op    : operation,
+                path  : path + "/" + identifier,
+                value : permissions[identifier]
+            });
+        }
+
+    };
+
+    /**
+     * Adds patches for modifying any permission that can be stored within a
+     * @link{PermissionSet}.
+     * 
+     * @param {PermissionPatch[]} patch
+     *     The array of patches to add new patches to.
+     *
+     * @param {String} operation
+     *     The operation to specify within each of the patches. Valid values
+     *     for this are defined within PermissionPatch.Operation.
+     *
+     * @param {PermissionSet} permissions
+     *     The set of permissions for which patches should be added.
+     */
+    var addPatchOperations = function addPatchOperations(patch, operation, permissions) {
+
+        // Add connection permission operations to patch
+        addObjectPatchOperations(patch, operation, "/connectionPermissions",
+            permissions.connectionPermissions);
+
+        // Add connection group permission operations to patch
+        addObjectPatchOperations(patch, operation, "/connectionGroupPermissions",
+            permissions.connectionGroupPermissions);
+
+        // Add user permission operations to patch
+        addObjectPatchOperations(patch, operation, "/userPermissions",
+            permissions.userPermissions);
+
+        // Add system operations to patch
+        if (permissions.systemPermissions.length) {
+            patch.push({
+                op    : operation,
+                path  : "/systemPermissions",
+                value : permissions.systemPermissions
+            });
+        }
+
+    };
+            
    /**
     * Makes a request to the REST API to modify the permissions for a given
     * user, returning a promise that can be used for processing the results of
     * the call.
     * 
-     * @param {String} userID The ID of the user to remove the permission for.
-     * @param {PermissionSet} [permissionsToAdd] The permissions to add.
-     * @param {PermissionSet} [permissionsToRemove] The permissions to remove.
+     * @param {String} userID
+     *     The ID of the user to modify the permissions of.
+     *                          
+     * @param {PermissionSet} [permissionsToAdd]
+     *     The set of permissions to add, if any.
+     *
+     * @param {PermissionSet} [permissionsToRemove]
+     *     The set of permissions to remove, if any.
     *                          
     * @returns {Promise}
     *     A promise for the HTTP call which will succeed if and only if the
@@ -92,33 +182,24 @@ angular.module('rest').factory('permissionService', ['$http', 'authenticationSer
     */
    service.patchPermissions = function patchPermissions(userID, permissionsToAdd, permissionsToRemove) {

-        // FIXME: This will NOT work, now that PermissionSet is used
-
-        var i;
        var permissionPatch = [];
        
+        // Build HTTP parameters set
+        var httpParameters = {
+            token : authenticationService.getCurrentToken()
+        };
+
        // Add all the add operations to the patch
-        for (i = 0; i < permissionsToAdd.length; i++ ) {
-            permissionPatch.push({
-                op      : "add",
-                path    : userID, 
-                value   : permissionsToAdd[i]
-            });
-        }
-        
+        addPatchOperations(permissionPatch, PermissionPatch.Operation.ADD, permissionsToAdd);
+
        // Add all the remove operations to the patch
-        for (i = 0; i < permissionsToRemove.length; i++ ) {
-            permissionPatch.push({
-                op      : "remove",
-                path    : userID, 
-                value   : permissionsToRemove[i]
-            });
-        }
-        
-        // Make the HTTP call
+        addPatchOperations(permissionPatch, PermissionPatch.Operation.REMOVE, permissionsToRemove);
+
+        // Patch user permissions
        return $http({
            method  : 'PATCH', 
-            url     : "api/permission/?token=" + authenticationService.getCurrentToken(),
+            url     : 'api/user/' + encodeURIComponent(userID) + '/permissions',
+            params  : httpParameters,
            data    : permissionPatch
        });